The Pendulum’s Swing Back to Privacy is Just Getting Started

Paula Musich
Paula Musich

Summary Bullets:

  • The growing use of encryption, especially in smartphones, gives privacy controls back to end users, much to law enforcement’s chagrin.
  • The backlash against government snooping is just getting started, and it will only get louder with time and a potential defining event that will spur widespread calls for reform.

The government met last month with Apple executives to talk about the new encryption technology used in Apple IOS 8 and now Google’s Android Lollipop release that can block government access to information on smartphones, even if law enforcement has a court order. IOS 8 encrypts all data on the device and passcode protects it. Data can’t be accessed without the passcode, which Apple does not have access to. The Justice Department, FBI, NSA and others are demanding access; the industry is saying customers demand their privacy. Who’s right? The widely used WhatsApp chat service also just significantly upgraded its encryption. I think the government over-reached (especially with the NSA’s Prism program) and failed to understand the gathering backlash created by the Snowden leaks, and the high tech industry, including Apple, is seeing a negative impact on business as a result of lost customer trust. Continue reading “The Pendulum’s Swing Back to Privacy is Just Getting Started”

Closing Security Gaps: Introducing the Pressure Incentive

A. DeCarlo
A. DeCarlo

Summary Bullets:

  • For all the talk about sophisticated security strategies, too many breaches can be avoided by making sure the basics are under control, starting with adequate data security policies.
  • The recent breaches of Global Payments and LinkedIn’s data cast a harsh light on the lack of care those organizations took to applying appropriate protections such as multi-factor authentication and encryption to safeguard customer data.

One unfortunately consistent truth about data security is how often some of the most egregious data breaches could have been stopped if adequate care was taken to ensure the most fundamental elements of security were in place, starting with the appropriate policies regarding the handling of crucial customer data.  We have seen this recently with attacks such as the theft of hundreds of thousands of patient records from Utah’s Medicaid health system in March (see “Anatomy of a Breach: What We All Can Learn from the Utah Medicaid Records Theft,” May 18, 2012), where a cascading series of clear missteps in policy and execution made the breach relatively easy for hackers. Continue reading “Closing Security Gaps: Introducing the Pressure Incentive”